#2... sorry typing error Re: port stealth mode?

Leslie Jensen leslie at eskk.nu
Wed Aug 20 17:16:20 UTC 2008

Jeremy Chadwick skrev:
> On Wed, Aug 20, 2008 at 04:13:01PM +0200, Leslie Jensen wrote:
>> I've done some testing with Steve Gibsons "Shields up"
>> https://www.grc.com/x/ne.dll?bh0bkyd2
>> These tests lists the ports as closed but visible.
>> Instead the site suggest that one uses stealth so that the ports are not  
>> visible from the Internet.
>> Is there a way to achieve this with PF?
> The "block" directive, along with "set block-policy drop" should suffice
> for accomplishing this in pf.

Thank you Jeremy.

I had "return" instead of "drop".

Now when I do the test the ports 0, 1 and 53 are closed, not dropped.

I do not have any rules to allow these ports.

Any suggestions on what might be the reason for this?

freebsd-pf at freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"

More information about the freebsd-pf mailing list